Chapter 11 E-Commerce Security

Post on 21-Dec-2015

Page 1: Chapter 11 E-Commerce Security. What is Security? Dictionary Definition: protection or defense against attack, interference, espionage, etc. Computer

Chapter 11

E-Commerce Security

Page 2

What is Security? Dictionary definition: protection or defense against attack, interference, espionage, etc.

Computer security classification:

Confidentiality (or secrecy): protecting against unauthorized data disclosure

Integrity: preventing unauthorized data modification, and ensuring the authenticity of the data's source

Availability (or necessity): preventing data delays or denials (removal)

Page 3

Goals of Security (figure: the three goals, data integrity, data availability and data confidentiality, arranged around the data being protected)

Source: GUNTER

Page 4

Copyright and Intellectual Property

Copyright: protecting expression, including literary and musical works; pantomimes and choreographic works; pictorial, graphic, and sculptural works; motion pictures and other audiovisual works; sound recordings; architectural works

Intellectual property: the ownership of ideas and control over the tangible or virtual representation of those ideas

Page 5

Security Policy and Integrated Security

A security policy is a written statement describing what assets are to be protected and why, who is responsible, and which behaviors are acceptable or not. An integrated security policy covers: physical security; network security; access authorizations; virus protection; disaster recovery

Page 6

Specific Elements of a Security Policy

Authentication: who is trying to access the site?

Access control: who is allowed to log on and access the site?

Secrecy: who is permitted to view selected information?

Data integrity: who is allowed to change data?

Audit: what and who causes selected events to occur, and when?

Page 7

ActiveX Controls

ActiveX is an object, called a control, that contains programs and properties that perform certain tasks.

ActiveX controls run only in Internet Explorer on Windows (the slide lists Windows 95, 98, and 2000). Once downloaded, an ActiveX control executes like any other native program, with full access to the user's files and resources; the browser cannot sandbox it, so the user's decision to trust the control's publisher is the only safeguard.

Page 8

Intellectual Property Threats

The Internet presents a tempting target for intellectual property threats: it is very easy to reproduce an exact copy of anything found on the Internet, and people who are unaware of copyright restrictions unwittingly infringe on them. Fair use allows limited use of copyrighted material when certain conditions are met.

Page 9

Intellectual Property Threats

Cybersquatting: the practice of registering a domain name that is the trademark of another person or company. Cybersquatters hope that the owner of the trademark will pay large sums to acquire the domain name; some cybersquatters misrepresent themselves as the trademark owner for fraudulent purposes.

Page 10

Three Components to Security

Three perspectives: the user's point of view, the server's point of view, and both parties together.

Three parts: client-side security, server-side security, document confidentiality.

Page 11

Electronic Commerce Threats

Client threats: active content

Java applets, ActiveX controls, JavaScript, and VBScript are programs that interpret or execute instructions embedded in downloaded objects. Malicious active content can be embedded into seemingly innocuous Web pages.

Cookies remember user names and other commonly referenced information. A site that stores the password itself in a cookie, rather than a random session identifier, exposes it to anyone who can read the client's cookie store or the network.

Page 12

CLIENT SIDE SECURITY

Client-side security deals with the security from the customer’s desktop system to the e-commerce server. This part of the system includes the customer’s computer and browser software and the communications link to the server

Within this part of the system, there are several issues:

•The protection of information in transit between the customer’s system and the server

•The protection of information that is saved to the customer’s system

•The protection of the fact that a particular customer made a particular order

Page 13

Communications Security

Communications security for e-commerce applications covers the security of information that is sent between the customer's system and the e-commerce server.

Examples: sensitive information such as credit card numbers or site passwords sent by the customer; confidential information that is sent from the server to the customer's system, such as customer files.

Page 14

Saving Information on the Client System

Why is this so important? In order to conduct commerce across the Internet using Web browsers and Web servers, the servers must remember what the consumer is doing (this includes information about the consumer, what they are ordering, and any passwords the consumer may have used to access secured pages), because HTTP itself is stateless. One way (and the most common way) that a Web server can do this is to use cookies.

Page 15

Internet Cookie

A cookie is a small amount of information that is stored on the client system by the Web server. The browser returns a cookie only to the host (and path) that set it, so only the Web server that placed the cookie is supposed to retrieve it, and the cookie should expire after some period of time (usually less than a year).

A cookie is a piece of text that a Web server can store on a user's hard disk. Cookies allow a Web site to store information on a user's machine and later retrieve it. The pieces of information are stored as name-value pairs.

•Example: UserID A9A3BECE0563982D www.goto.com/

Cookies can be in clear text or they can be encrypted, and a server can use them to track anything it wants about a visitor. Because the client controls its own cookie store, the server must not trust a cookie's value unless the cookie is a random session identifier looked up server-side or carries a message authentication code the server can verify; the Secure and HttpOnly attributes keep the cookie off plaintext connections and away from page scripts.
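The point above, that a cookie's value must be verified by the server before it is trusted, as an added example (not code from the original slides): a session cookie whose name-value payload is readable by the client but protected by an HMAC, issued with the Secure, HttpOnly and SameSite attributes. The secret key, cookie name and user ids are assumptions for illustration.

```python
"""Added example (not from the original slides): a server-side session cookie
that carries its own integrity check. Key, cookie name and users are assumed."""
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

SECRET_KEY = b"example-server-secret-rotate-me"   # assumed: kept only on the server


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def make_session_cookie(user_id: str, ttl_seconds: int = 3600,
                        now: Optional[float] = None) -> str:
    """Return the value of a Set-Cookie header for a signed session cookie.

    The payload is name-value data (user id + expiry); the tag is an HMAC over
    the payload, so the client can read it but cannot alter it undetected."""
    now = time.time() if now is None else now
    payload = json.dumps({"uid": user_id, "exp": int(now + ttl_seconds)},
                         separators=(",", ":")).encode()
    tag = hmac.new(SECRET_KEY, payload, hashlib.sha256).digest()
    value = _b64(payload) + "." + _b64(tag)
    # Secure: sent only over TLS; HttpOnly: unreadable by page scripts;
    # SameSite=Lax: not attached to cross-site POSTs; Max-Age: expiry.
    return (f"session={value}; Max-Age={ttl_seconds}; Path=/; "
            f"Secure; HttpOnly; SameSite=Lax")


def read_session_cookie(cookie_header: str, now: Optional[float] = None) -> Optional[dict]:
    """Parse a Cookie request header and return the verified session payload,
    or None if the cookie is missing, forged, or expired."""
    now = time.time() if now is None else now
    cookies = dict(part.strip().split("=", 1)
                   for part in cookie_header.split(";") if "=" in part)
    value = cookies.get("session")
    if not value or "." not in value:
        return None
    payload_b64, tag_b64 = value.rsplit(".", 1)
    try:
        payload = _unb64(payload_b64)
        expected = hmac.new(SECRET_KEY, payload, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _unb64(tag_b64)):   # constant-time compare
            return None
        data = json.loads(payload)
    except (ValueError, TypeError):
        return None
    if not isinstance(data, dict) or data.get("exp", 0) <= now:
        return None
    return data


if __name__ == "__main__":
    header = make_session_cookie("alice")
    print("Set-Cookie:", header)
    print("verified:", read_session_cookie(header.split(";")[0]))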

Page 16

The E-commerce Security Environment

Page 17

Dimensions of E-commerce Security

Integrity: ability to ensure that information being displayed on a Web site or transmitted/received over the Internet has not been altered in any way by an unauthorized party

Nonrepudiation: ability to ensure that e-commerce participants cannot deny (repudiate) online actions they took

Authenticity: ability to verify the identity of a person or entity with whom you are dealing on the Internet

Confidentiality: ability to ensure that messages and data are available only to those authorized to view them

Privacy: ability to control use of information a customer provides about himself or herself to a merchant

Availability: ability to ensure that an e-commerce site continues to function as intended

Page 18

Security Threats in the E-commerce Environment

Three key points of vulnerability: the client, the server, and the communications channel.

Most common threats: malicious code; hacking and cybervandalism; credit card theft; spoofing; denial of service attacks; sniffing; insider jobs.

Page 19

Tools Available to Achieve Site Security

Page 20

Developing an E-commerce Security Plan

Page 21

Stopping E-Commerce Crimes

Information assurance (IA): the protection of information systems against unauthorized access to or modification of information, whether in storage, processing, or transit, and against the denial of service to authorized users, including those measures necessary to detect, document, and counter such threats.

Human firewalls: methods that filter or limit people's access to critical business documents.

Page 22

Stopping E-Commerce Crimes

Application firewalls: specialized tools designed to increase the security of Web applications by inspecting HTTP requests and responses rather than only packet headers.

Common Vulnerabilities and Exposures (CVE): a public list of known vulnerabilities, each with a unique identifier, maintained by MITRE with a board of security-related organizations (cve.mitre.org).

Page 23

Stopping E-Commerce Crimes

Vulnerability: a weakness in software or another mechanism that threatens the confidentiality, integrity, or availability of an asset (recall the CIA model). It can be used directly by an attacker to gain access to a system or network.

Risk: the probability that a vulnerability will become known and be exploited, weighed against the damage that would result.

Page 24

Stopping E-Commerce Crimes

Exposure: the estimated cost, loss, or damage that can result if a threat exploits a vulnerability.

Standard of due care: the care that a company is reasonably expected to take based on the risks affecting its EC business and online transactions.

Page 25

E-Commerce Security Strategy and Life Cycle Approach

The Internet's vulnerable design

Domain name system (DNS): translates (converts) domain names to their numeric IP addresses. Plain DNS answers are not authenticated, so a forged answer can send a customer to an attacker's server under the merchant's name.

IP address: an address that uniquely identifies each computer connected to a network or the Internet.

Page 26

E-Commerce Security Strategy and Life Cycle Approach

Four high-level stages in the life cycle of an EC security program:

1. Planning and organizing

2. Implementation

3. Operations and maintenance

4. Monitoring and evaluating

Page 27

E-Commerce Security Strategy and Life Cycle Approach

Patch: a program that makes needed changes to software that is already installed on a computer. Software companies issue patches to fix bugs in their programs, to address security problems, or to add functionality.

Hotfix: Microsoft's name for a patch. Microsoft bundles hotfixes into service packs for easier installation.

Service pack: the means by which product updates are distributed. Service packs may contain updates for system reliability, program compatibility, security, and more.

Page 28

E-Commerce Security Strategy and Life Cycle Approach

Ignoring EC security best practices

Computing Technology Industry Association (CompTIA): nonprofit trade group providing information security research and best practices.

Despite the known role of human behavior in information security breaches, only 29% of the 574 government, IT, financial, and educational organizations surveyed worldwide had mandatory security training. Only 36% offered end-user security awareness training.

Page 29

Information Assurance

CIA security triad (CIA triad)

Three security concepts important to information on the Internet: confidentiality, integrity, and availability

Page 30

Information Assurance

Confidentiality: assurance of data privacy; keeping private or sensitive information from being disclosed to unauthorized individuals, entities, or processes.

Integrity: assurance that stored data has not been modified without authorization, and that a message that was sent is the same message that was received.

Availability: assurance that access to data, the Web site, or other EC data service is timely and reliable for authorized users.

Page 31

Information Assurance

Authentication: process to verify (assure) the real identity of an individual, computer, computer program, or EC Web site.

Authorization: process of determining what the authenticated entity is allowed to access and what operations it is allowed to perform.

Page 32

Information Assurance

Nonrepudiation: assurance that online customers or trading partners cannot falsely deny (repudiate) their purchase or transaction.

Digital signature: a value computed over a transaction with the signer's private key; it validates the sender (and, with a trusted time stamp, the time) so it cannot later be claimed that the transaction was unauthorized or invalid. A digital certificate, issued by a certificate authority, binds the public key used to check that signature to the signer's identity.

Page 33

Information Assurance

Page 34

Information Assurance

Page 35

Enterprisewide E-Commerce Security and Privacy Model

Page 36

Enterprisewide E-Commerce Security and Privacy Model

Senior management commitment and support

EC security policies and training: to avoid violating privacy legislation when collecting confidential data, policies need to specify that customers:

know that data about them are being collected; give permission, or "opt in," for them to be collected; have some control over how the information is used; know that the data will be used in a reasonable and ethical manner.

Page 37

Enterprisewide E-Commerce Security and Privacy Model

Acceptable use policy (AUP): a policy that informs users of their responsibilities when using company networks, wireless devices, customer data, and so forth.

Page 38

Enterprisewide E-Commerce Security and Privacy Model

EC security procedures and enforcement

Business impact analysis (BIA): an exercise that determines the impact on an organization of losing the support of an EC resource, establishes how that loss escalates over time, identifies the minimum resources needed to recover, and prioritizes the recovery of processes and supporting systems.

Security Tools: Hardware and Software

Page 39

Basic E-Commerce Security Issues and Perspectives

Some of the major technology defenses that address the security issues that can occur in EC: authentication; authorization; auditing (the process of recording what Web site, data, file, or network was accessed, when, and by whom or what); confidentiality (privacy) and integrity (trust); availability; nonrepudiation.

Page 40

Threats and Attacks

Nontechnical attack: an attack that uses chicanery to trick people into revealing sensitive information or performing actions that compromise the security of a network.

Social engineering: a type of nontechnical attack that uses some ruse to trick users into revealing information or performing an action that compromises a computer or network.

Page 41

Threats and Attacks

Technical attack: an attack perpetrated using software and systems knowledge or expertise.

Time-to-exploitation: the elapsed time between when a vulnerability is discovered and the time it is exploited.

SpywareGuide: a public reference site for spyware.

Page 42

Threats and Attacks

Zero-day incidents: attacks through previously unknown weaknesses in computer networks or software, for which no patch yet exists.

Denial of service (DoS) attack: an attack on a Web site in which an attacker uses specialized software to send a flood of data packets or requests to the target computer with the aim of overloading its resources; when the flood comes from many compromised machines at once it is a distributed denial of service (DDoS) attack.

Page 43

Threats and Attacks

Web server and Web page hijacking

Botnet: a huge number (e.g., hundreds of thousands) of hijacked Internet computers, remotely controlled by an attacker and used to forward traffic, including spam and viruses, to other computers on the Internet.

Malware: a generic term for malicious software.

Virus: a piece of software code that inserts itself into a host, including the operating system, in order to propagate; it requires that its host program be run to activate it.

Page 44

Threats and Attacks

Worm: a software program that runs independently, consuming the resources of its host in order to maintain itself, and that is capable of propagating a complete working version of itself onto another machine without user action.

Macro virus (macro worm): a virus or worm that executes when the application object (e.g., a document) that contains the macro is opened or a particular procedure is executed.

Trojan horse: a program that appears to have a useful function but that contains a hidden function that presents a security risk.

Page 45

Threats and Attacks

Trojan-Phisher-Rebery: a variant of a Trojan program that stole tens of thousands of identities from victims in 125 countries who believed their data were being collected by a legitimate company.

Banking Trojan: a Trojan that comes to life when the computer owner visits one of a number of online banking or e-commerce sites.

Rootkit: a program that modifies existing operating system software so that an intruder can hide the presence of malware and of the intruder's own activity; a rootkit is often installed by a Trojan horse.

Page 46

Securing E-Commerce Communications

Access control: mechanism that determines who can legitimately use a network resource.

Passive token: storage device (e.g., a magnetic strip card) that contains a secret code used in a two-factor authentication system.

Active token: small, stand-alone electronic device that generates one-time passwords used in a two-factor authentication system.

Page 47

Securing E-Commerce Communications

Biometric systems: authentication systems that identify a person by measurement of a biological characteristic, such as fingerprints, iris (eye) patterns, facial features, or voice.

Public key infrastructure (PKI): the certificate authorities, digital certificates, and related technical components that bind public keys to identities; used to secure e-payments and other communications with public key encryption.

Page 48

Securing E-Commerce Communications

Encryption: the process of scrambling (encrypting) a message in such a way that it is difficult, expensive, or time-consuming for an unauthorized person to unscramble (decrypt) it.

Plaintext: an unencrypted message in human-readable form.

Ciphertext: a plaintext message after it has been encrypted; unreadable without the key.

Page 49

Securing E-Commerce Communications

Encryption algorithm: the mathematical procedure used to encrypt the plaintext into the ciphertext, and vice versa.

Key (key value): the secret code used to encrypt and decrypt a message.

Key space: the set of all possible key values (keys) the algorithm can use when transforming the message; an n-bit key gives 2^n keys, so each extra bit doubles the work of a brute-force search.

Page 50

Securing E-Commerce Communications

Symmetric (private) key system: an encryption system that uses the same key to encrypt and decrypt the message, so the key must be shared secretly between the parties beforehand.

Data Encryption Standard (DES): the standard symmetric encryption algorithm adopted by NIST and used by U.S. government agencies for decades; its 56-bit key can now be brute-forced, and NIST withdrew the standard in 2005.

Rijndael: the cipher NIST selected on October 2, 2000, as the Advanced Encryption Standard (AES); published as FIPS 197 in 2001, it is now the standard symmetric cipher for U.S. government and commercial use.

Page 51

Securing E-Commerce Communications

Page 52

Securing E-Commerce Communications

Public (asymmetric) key encryption: method of encryption that uses a pair of matched keys: a public key to encrypt a message and a private key to decrypt it, or, for signing, the private key to sign and the public key to verify.

Public key: encryption code that is publicly available to anyone.

Private key: encryption code that is known only to its owner.

RSA: the most common public key encryption algorithm. The slide's key sizes of 512 to 1,024 bits are obsolete: 512-bit RSA moduli have been factored, and current guidance requires at least 2,048 bits.

Page 53

Securing E-Commerce Communications

Hash: a one-way mathematical computation applied to a message that produces a fixed-length fingerprint; it uses no key, and any change to the message changes the result.

Message digest (MD): the summary of a message, a string of digits, that results from applying the hash.

Digital signature: the message digest encrypted (signed) with the sender's private key; anyone with the sender's public key can recover the digest and compare it with a fresh hash of the message.

Digital envelope: the combination of the original message (with its digital signature), encrypted under a one-time symmetric key, and that symmetric key encrypted with the recipient's public key, so that only the recipient can open it.

Certificate authorities (CAs): third parties that issue digital certificates.
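The symmetric-key, public-key, hash, signature and envelope definitions on pages 50 to 53, carried through as one added example (not code from the original slides): the digest is keyless, the signature is the digest transformed with the sender's private key, and the envelope wraps a fresh symmetric key under the recipient's public key. To stay within Python's standard library the RSA is textbook RSA on fixed Mersenne-prime moduli with no padding and the symmetric cipher is a SHA-256 keystream XOR; both are toy constructions assumed here to show the data flow, and the key material is assumed.

```python
"""Added example (not from the original slides): message digest, digital
signature and digital envelope using only the standard library. Textbook RSA
without padding and a hash-keystream cipher are toy constructions for
illustration, not for production use; the primes are assumed key material."""
import hashlib
import secrets

E = 65537
SIG_LEN = 96   # bytes; both moduli below are under 2**768


def keypair(p: int, q: int):
    """Return (public, private) as ((e, n), (d, n)) for fixed primes p, q."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (E, n), (pow(E, -1, phi), n)


# Assumed key material: sender uses M521*M127, recipient uses M607*M89.
SENDER_PUB, SENDER_PRIV = keypair(2**521 - 1, 2**127 - 1)
RECIP_PUB, RECIP_PRIV = keypair(2**607 - 1, 2**89 - 1)


def message_digest(message: bytes) -> int:
    """Hash: keyless and one-way; the same input always gives the same 256-bit digest."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes, priv) -> int:
    """Digital signature: the digest transformed with the sender's PRIVATE key."""
    d, n = priv
    return pow(message_digest(message), d, n)


def verify(message: bytes, signature: int, pub) -> bool:
    """Anyone holding the sender's PUBLIC key recovers the digest and compares
    it with a fresh hash of the message they actually received."""
    e, n = pub
    return pow(signature, e, n) == message_digest(message)


def _keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy symmetric cipher: XOR data with SHA-256(key || block counter)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)


def seal_envelope(message: bytes, sender_priv, recip_pub) -> dict:
    """Digital envelope: message + signature encrypted under a fresh symmetric
    key, and that key encrypted with the RECIPIENT's public key."""
    sym_key = secrets.token_bytes(32)
    body = message + sign(message, sender_priv).to_bytes(SIG_LEN, "big")
    e, n = recip_pub
    return {"body": _keystream_xor(sym_key, body),
            "wrapped_key": pow(int.from_bytes(sym_key, "big"), e, n)}


def open_envelope(env: dict, recip_priv, sender_pub) -> bytes:
    """Recipient unwraps the symmetric key with its PRIVATE key, decrypts the
    body and checks the sender's signature; raises if the check fails."""
    d, n = recip_priv
    sym_key = pow(env["wrapped_key"], d, n).to_bytes(32, "big")
    body = _keystream_xor(sym_key, env["body"])
    message, sig_bytes = body[:-SIG_LEN], body[-SIG_LEN:]
    if not verify(message, int.from_bytes(sig_bytes, "big"), sender_pub):
        raise ValueError("signature check failed: message altered or not from sender")
    return message


if __name__ == "__main__":
    order = b"order 1042: 3 x widget, pay 149.00 from card ending 4242"
    env = seal_envelope(order, SENDER_PRIV, RECIP_PUB)
    print("opened:", open_envelope(env, RECIP_PRIV, SENDER_PUB))
```

Because the signature is computed with the sender's key and the envelope with the recipient's, the recipient can prove who sent the order (nonrepudiation) while nobody else can read it (confidentiality); flipping a single ciphertext byte makes `open_envelope` raise, which is the integrity check.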

Page 54

Securing E-Commerce Communications

Secure Sockets Layer (SSL): protocol that utilizes standard certificates for server (and optionally client) authentication and data encryption to ensure privacy or confidentiality.

Transport Layer Security (TLS): the IETF successor to SSL, first published in 1999 as TLS 1.0 (the slide's "as of 1996" is wrong); the name "SSL" is still used loosely for it. SSL 2.0 and 3.0 and TLS 1.0 and 1.1 are deprecated, and new deployments should accept TLS 1.2 or later.
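What "use TLS" has to mean in code, as an added example (not from the original slides): a client context that accepts only TLS 1.2 or later and verifies the server's certificate and host name, next to the insecure settings that appear in many code bases, with a small audit function that reports which of the three properties a context lacks. The host name in the comment is an assumption.

```python
"""Added example (not from the original slides): hardened versus insecure
TLS client settings using Python's ssl module, plus an audit check."""
import ssl
from typing import List


def hardened_client_context() -> ssl.SSLContext:
    """Trust the platform CA store, require a certificate whose name matches
    the host, and refuse SSL 2/3 and TLS 1.0/1.1."""
    ctx = ssl.create_default_context()          # CERT_REQUIRED and check_hostname=True
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def insecure_client_context() -> ssl.SSLContext:
    """The 'make the certificate warning go away' pattern: encryption without
    authentication, so an on-path attacker can present any certificate."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False                  # must be cleared before verify_mode
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def audit_context(ctx: ssl.SSLContext) -> List[str]:
    """Return the problems a reviewer would flag for a client context."""
    problems = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        problems.append("server certificate not verified")
    if not ctx.check_hostname:
        problems.append("certificate name not checked against host")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        problems.append("legacy protocol versions allowed")
    return problems


if __name__ == "__main__":
    # Assumed host; connecting is left to the caller, e.g.
    #   with socket.create_connection(("shop.example", 443)) as s:
    #       tls = hardened_client_context().wrap_socket(s, server_hostname="shop.example")
    print("hardened:", audit_context(hardened_client_context()) or "ok")
    print("insecure:", audit_context(insecure_client_context()))
```

The order of the two assignments in `insecure_client_context` matters: the ssl module refuses to set `CERT_NONE` while `check_hostname` is still true, which is the library nudging you away from exactly this configuration.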

Page 55

Securing E-Commerce Networks

The selection and operation of technologies that ensure network security should be based on:

Defense in depth

Need-to-access basis

Policy of least privilege (POLP): policy of blocking access to network resources unless access is required to conduct business (deny by default)

Role-specific security

Monitoring

Patch management

Incident response team (IRT)
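The policy of least privilege and role-specific security above, together with the authorization definition on page 31, as an added example (not from the original slides): a deny-by-default authorization check in which each role is granted only the (resource, operation) pairs its job needs, a customer may touch only their own orders, and every decision is written to an audit log. The roles, users and resource names are assumptions for illustration.

```python
"""Added example (not from the original slides): least-privilege authorization
with per-role grants, an ownership rule and an audit trail. Roles, users and
resource names are assumed."""
from typing import Dict, FrozenSet, List, Optional, Set, Tuple

Perm = Tuple[str, str]   # (resource type, operation)

# Each role gets only the operations its job needs; anything not listed is denied.
ROLE_PERMISSIONS: Dict[str, FrozenSet[Perm]] = {
    "customer":   frozenset({("catalog", "read")}),
    "support":    frozenset({("catalog", "read"), ("order", "read")}),
    "fulfilment": frozenset({("order", "read"), ("order", "update_status")}),
    "admin":      frozenset({("catalog", "write"), ("user", "read")}),   # no order access
}
# Operations a customer may perform on their OWN orders only.
CUSTOMER_OWN_ORDER: FrozenSet[Perm] = frozenset(
    {("order", "read"), ("order", "create"), ("order", "cancel")})

USER_ROLES: Dict[str, Set[str]] = {   # assumed user directory
    "alice": {"customer"}, "bob": {"support"},
    "carol": {"fulfilment", "support"}, "dave": {"admin"},
}


def is_authorized(user: str, operation: str, resource: str, owner: Optional[str] = None,
                  audit_log: Optional[List[str]] = None) -> bool:
    """Return True only if a role explicitly grants (resource, operation) or the
    ownership rule applies. Unknown users and unknown roles get nothing."""
    roles = USER_ROLES.get(user, set())
    perm = (resource, operation)
    allowed = any(perm in ROLE_PERMISSIONS.get(r, frozenset()) for r in roles)
    # Ownership rule: without this comparison, "read your order" silently
    # becomes "read anyone's order" (an insecure direct object reference).
    if not allowed and "customer" in roles and perm in CUSTOMER_OWN_ORDER:
        allowed = owner is not None and owner == user
    if audit_log is not None:   # the audit element of the security policy
        audit_log.append(f"{user} {operation} {resource}"
                         f"{' owner=' + owner if owner else ''} -> "
                         f"{'ALLOW' if allowed else 'DENY'}")
    return allowed


def effective_permissions(user: str) -> Set[Perm]:
    """Union of the user's role grants: what to compare against the job's real
    needs when pruning excess privilege."""
    perms: Set[Perm] = set()
    for r in USER_ROLES.get(user, set()):
        perms |= ROLE_PERMISSIONS.get(r, frozenset())
    return perms


if __name__ == "__main__":
    log: List[str] = []
    is_authorized("alice", "read", "order", owner="alice", audit_log=log)
    is_authorized("alice", "read", "order", owner="bob", audit_log=log)
    is_authorized("dave", "read", "order", owner="alice", audit_log=log)
    print("\n".join(log))
```

Note that the admin role deliberately has no order access: least privilege is about what a job needs, not about seniority, and the audit log is what lets a reviewer see both the denied attempts and the grants that turn out never to be used.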

Page 56

Securing E-Commerce Networks

Firewalls

Firewall: a single point between two or more networks through which all traffic must pass (a choke point); the device authenticates, controls, and logs the traffic.

Packet: segment of data sent from one computer to another on a network.

Page 57

Securing E-Commerce Networks

Firewalls can be designed to protect against: remote login; application backdoors; SMTP session hijacking; macros; viruses; spam. A packet filter sees only addresses, protocols, and ports, so the last three require a firewall that inspects application content (an application-level proxy or gateway).

Page 58

Securing E-Commerce Networks

Packet-filtering routers: firewalls that filter data and requests moving from the public Internet to a private network based on the network addresses of the computers sending or receiving the request.

Packet filters: rules that accept or reject incoming packets based on source and destination addresses, protocol, port numbers, and other identifying header information; rules are evaluated in order, and a final deny-all rule implements least privilege.
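A first-match packet filter of the kind just described, as an added example (not from the original slides), evaluated over constructed packets: the ordered rule list drops packets with spoofed private source addresses, admits HTTPS and HTTP to a DMZ Web server, admits SSH only from one administrative host, and ends with a default deny. The addresses (documentation ranges), rules and packets are assumptions for illustration.

```python
"""Added example (not from the original slides): a stateless, first-match
packet filter run over constructed packets. Addresses and rules are assumed."""
import ipaddress
from typing import List, Optional, Tuple


class Rule:
    def __init__(self, action: str, proto: str = "any", src: str = "0.0.0.0/0",
                 dst: str = "0.0.0.0/0", dport: Optional[int] = None, comment: str = ""):
        self.action, self.proto, self.comment = action, proto, comment
        self.src, self.dst = ipaddress.ip_network(src), ipaddress.ip_network(dst)
        self.dport = dport            # None means any destination port

    def matches(self, pkt: dict) -> bool:
        return ((self.proto == "any" or self.proto == pkt["proto"])
                and ipaddress.ip_address(pkt["src"]) in self.src
                and ipaddress.ip_address(pkt["dst"]) in self.dst
                and (self.dport is None or self.dport == pkt.get("dport")))


# Inbound policy for an assumed DMZ Web server at 203.0.113.10.
# Rules are checked in order; the first match decides; the last rule denies all.
RULES: List[Rule] = [
    Rule("deny", src="10.0.0.0/8", comment="private source arriving from outside: spoofed"),
    Rule("deny", src="192.168.0.0/16", comment="private source arriving from outside: spoofed"),
    Rule("allow", proto="tcp", dst="203.0.113.10/32", dport=443, comment="HTTPS to web server"),
    Rule("allow", proto="tcp", dst="203.0.113.10/32", dport=80, comment="HTTP (redirects to HTTPS)"),
    Rule("allow", proto="tcp", src="198.51.100.5/32", dst="203.0.113.10/32", dport=22,
         comment="SSH from the admin jump host only"),
    Rule("deny", comment="default deny (least privilege)"),
]


def filter_packet(pkt: dict, rules: List[Rule] = RULES) -> Tuple[str, str]:
    """Return (action, reason) for the first rule that matches the packet."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action, rule.comment
    return "deny", "no rule matched"   # defensive: never fall through to allow


SAMPLE_PACKETS: List[dict] = [   # constructed
    {"src": "198.51.100.77", "dst": "203.0.113.10", "proto": "tcp", "dport": 443},
    {"src": "198.51.100.77", "dst": "203.0.113.10", "proto": "tcp", "dport": 22},
    {"src": "198.51.100.5", "dst": "203.0.113.10", "proto": "tcp", "dport": 22},
    {"src": "10.1.2.3", "dst": "203.0.113.10", "proto": "tcp", "dport": 443},
    {"src": "198.51.100.77", "dst": "203.0.113.10", "proto": "udp", "dport": 53},
]


def apply_policy(packets: List[dict] = SAMPLE_PACKETS) -> List[str]:
    """Decisions for a list of packets, in order."""
    return [filter_packet(p)[0] for p in packets]


if __name__ == "__main__":
    for p in SAMPLE_PACKETS:
        print(p, "->", filter_packet(p))
```

The filter is stateless: it has no memory of connections, so a real deployment either adds rules for return traffic or, as almost all modern firewalls do, tracks connection state so that only replies to permitted outbound requests are admitted.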

Page 59

Securing E-Commerce Networks

Application-level proxy: a firewall that terminates the client's connection, inspects the request (e.g., for a Web page), and issues a new request on the client's behalf; only requests it understands and permits move from the public Internet to the private network.

Bastion gateway: a specially hardened server that utilizes application-level proxy software to limit the types of requests that can be passed to an organization's internal networks from the public Internet.

Page 60

Securing E-Commerce Networks

Page 61

Securing E-Commerce Networks

Proxies: special software programs that run on the gateway server and pass repackaged packets from one network to the other.

Demilitarized zone (DMZ): network area that sits between an organization's internal network and an external network (Internet), providing isolation between the two networks that is controlled by rules enforced by a firewall; public-facing servers such as the Web server live here, so that a compromise of one of them does not give direct access to the internal network.

Page 62

Securing E-Commerce Networks

Page 63

Securing E-Commerce Networks

Personal firewall: software on an individual user's desktop system that protects it from the public network by monitoring all the traffic that passes through the computer's network interface card.

Virtual private network (VPN): a network that uses the public Internet to carry information but remains private by using encryption to scramble the communications, integrity checks to ensure that information has not been tampered with, and authentication and access control to verify the identity of anyone using the network.

Protocol tunneling: method used to ensure confidentiality and integrity of data transmitted over the Internet by encrypting data packets, encapsulating them in packets sent across the Internet, and decrypting them at the destination.

Page 64

Securing E-Commerce Networks

Intrusion detection systems (IDSs): a special category of software that monitors activity across a network or on a host computer, watches for suspicious activity, and raises alerts (an intrusion prevention system additionally blocks the traffic automatically).

Honeynet: a network of honeypots.

Honeypot: a decoy system (e.g., a firewall, router, Web server, or database server) that looks like it does real production work but is isolated and watched to study how network intrusions occur; any traffic to it is suspicious by definition.
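Two of the rules a host-based IDS would apply to the Web server's own access log, the credential-guessing pattern and the request flood of the denial of service attack defined on page 42, as an added example (not from the original slides) run over constructed log lines in Common Log Format. The thresholds, addresses and log lines are assumptions for illustration.

```python
"""Added example (not from the original slides): sliding-window IDS rules over
constructed Web-server access log lines. Thresholds and addresses are assumed."""
import re
from collections import defaultdict, deque
from datetime import datetime
from typing import List, Optional, Tuple

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) \S+" '
    r'(?P<status>\d{3}) \d+')

# Constructed sample: five failed logins then a success from one source, one
# ordinary visitor, and 120 requests in ten seconds from a third source.
SAMPLE_LOG = """\
198.51.100.7 - - [10/Oct/2023:13:55:36 +0000] "POST /login HTTP/1.1" 401 512
198.51.100.7 - - [10/Oct/2023:13:55:37 +0000] "POST /login HTTP/1.1" 401 512
198.51.100.7 - - [10/Oct/2023:13:55:38 +0000] "POST /login HTTP/1.1" 401 512
198.51.100.7 - - [10/Oct/2023:13:55:39 +0000] "POST /login HTTP/1.1" 401 512
198.51.100.7 - - [10/Oct/2023:13:55:40 +0000] "POST /login HTTP/1.1" 401 512
198.51.100.7 - - [10/Oct/2023:13:55:41 +0000] "POST /login HTTP/1.1" 200 2048
203.0.113.9 - - [10/Oct/2023:13:55:36 +0000] "GET /catalog HTTP/1.1" 200 8192
203.0.113.9 - - [10/Oct/2023:13:55:45 +0000] "POST /login HTTP/1.1" 401 512
203.0.113.9 - - [10/Oct/2023:13:55:50 +0000] "POST /login HTTP/1.1" 200 2048
""" + "".join(
    f'192.0.2.200 - - [10/Oct/2023:13:56:{i // 12:02d} +0000] "GET /search?q=x HTTP/1.1" 200 4096\n'
    for i in range(120))

Alert = Tuple[str, str, str]   # (source ip, rule name, detail)


def parse_line(line: str) -> Optional[dict]:
    """Parse one Common Log Format line; return None for lines that do not match."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    return {"ip": m["ip"], "ts": datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z"),
            "path": m["path"], "status": int(m["status"])}


def detect(log_text: str, fail_threshold: int = 5, fail_window: int = 60,
           flood_threshold: int = 100, flood_window: int = 10) -> List[Alert]:
    """Emit one alert per (source, rule) the first time a threshold is crossed."""
    alerts: List[Alert] = []
    fired = set()
    failures = defaultdict(deque)   # ip -> timestamps of failed logins
    requests = defaultdict(deque)   # ip -> timestamps of all requests

    def in_window(q: deque, t: datetime, window: int) -> int:
        q.append(t)                                   # log lines are in time order
        while (t - q[0]).total_seconds() > window:
            q.popleft()
        return len(q)

    for line in log_text.splitlines():
        ev = parse_line(line)
        if ev is None:
            continue
        ip, t = ev["ip"], ev["ts"]
        n = in_window(requests[ip], t, flood_window)
        if n >= flood_threshold and (ip, "flood") not in fired:
            fired.add((ip, "flood"))
            alerts.append((ip, "flood", f"{n} requests in {flood_window}s"))
        if ev["path"] == "/login" and ev["status"] == 401:
            n = in_window(failures[ip], t, fail_window)
            if n >= fail_threshold and (ip, "brute_force") not in fired:
                fired.add((ip, "brute_force"))
                alerts.append((ip, "brute_force", f"{n} failed logins in {fail_window}s"))
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

The 200 that follows five 401s from 198.51.100.7 is the line an analyst would act on first: a guess that eventually succeeded means a real account is now in the attacker's hands, which is why the alert should carry the source address for the incident response team rather than just a count.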